2167337 – (CVE-2020-16250) CVE-2020-16250 vault: Hashicorp Vault AWS IAM Integration Authentication Bypass

Bug 2167337 (CVE-2020-16250) - CVE-2020-16250 vault: Hashicorp Vault AWS IAM Integration Authentication Bypass

Summary: CVE-2020-16250 vault: Hashicorp Vault AWS IAM Integration Authentication Bypass

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2020-16250
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2168894 2167352 2167353 2167356 2167358 2167360 2167361 2167362
Blocks:	2167338
TreeView+	depends on / blocked

Reported:	2023-02-06 10:36 UTC by Avinash Hanwate
Modified:	2024-03-19 02:24 UTC (History)
CC List:	16 users (show)
Fixed In Version:	vault 1.2.5, vault 1.3.8, vault 1.4.4, vault 1.5.1
Clone Of:
Environment:
Last Closed:	2023-06-23 01:42:56 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2023:3342	0	None	None	None	2023-06-21 16:54:40 UTC
Red Hat Product Errata	RHSA-2023:3742	0	None	None	None	2023-06-22 19:52:17 UTC

Description Avinash Hanwate 2023-02-06 10:36:34 UTC

A vulnerability was identified in Vault and Vault Enterprise (“Vault”) such that, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM identities and roles may be manipulated and authentication bypassed.

https://www.hashicorp.com/blog/category/vault/
https://github.com/hashicorp/vault/blob/master/CHANGELOG.md#151
http://packetstormsecurity.com/files/159478/Hashicorp-Vault-AWS-IAM-Integration-Authentication-Bypass.html

Comment 4 errata-xmlrpc 2023-06-21 16:54:38 UTC

This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.13

Via RHSA-2023:3342 https://access.redhat.com/errata/RHSA-2023:3342

Comment 5 errata-xmlrpc 2023-06-22 19:52:15 UTC

This issue has been addressed in the following products:

  RHODF-4.13-RHEL-9

Via RHSA-2023:3742 https://access.redhat.com/errata/RHSA-2023:3742

Comment 6 Product Security DevOps Team 2023-06-23 01:42:53 UTC

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2020-16250

Note You need to log in before you can comment on or make changes to this bug.